53 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-45957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (called from FuzzAnswerTheRequest and fuzz_rfc1035.c). NOTE: the vendor's position is that...
Linux Distros Unpatched Vulnerability : CVE-2024-28593
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance...
Linux Distros Unpatched Vulnerability : CVE-2022-32089
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. CVE-2022-32089 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2022-3123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a. CVE-2022-3123 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2022-50107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache. If we hit the 'index == next_cached' case, we leak a...
Linux Distros Unpatched Vulnerability : CVE-2021-47047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails. The spi controller supports 44-b...
Linux Distros Unpatched Vulnerability : CVE-2024-7523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This issue only...
Linux Distros Unpatched Vulnerability : CVE-2023-52457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed. Returning an...
Fedora 41 : thunderbird (2025-a9d97ce15f)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a9d97ce15f advisory. Update to 128.13.0 https://www.thunderbird.net/en-US/thunderbird/128.13.0esr/releasenotes/...
Amazon Linux 2023 : docker (ALAS2023-2025-1074)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1074 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which a...
Oracle Linux 10 : grafana (ELSA-2025-8666)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8666 advisory. - Resolves RHEL-89943: CVE-2025-4123 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdm (SUSE-SU-2025:02003-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02003-1 advisory. - CVE-2025-6018: Removes pam_env from auth stack for security reason (bsc#1243226). Tenable has extracted th...
Oracle Linux 8 : git (ELSA-2025-8414)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8414 advisory. 2.43.5-3 - add the option to sanitize sideband channel messages - Resolves: RHEL-74177 Tenable has extracted the preceding description block directly from the...
Oracle Linux 9 : nodejs:22 (ELSA-2025-7433)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7433 advisory. - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87319 - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86586 - Update ...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21669)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21669 advisory. - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the...
KB5055596: Windows Server 2008 Security Update (April 2025)
The remote Windows host is missing security update 5055596. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. CVE-2025-26687 - A remote code execution vulnerability. An attacker ca...
FreeBSD : chromium -- multiple security fixes (a02a6d94-fe53-11ef-85f3-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a02a6d94-fe53-11ef-85f3-a8a1599412c6 advisory. Chrome Releases reports: This update includes 5 security fixes: Tenable has extracted the...
Linux Distros Unpatched Vulnerability : CVE-2024-41075
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added...
IBM Engineering Requirements Management DOORS Next Reflected File Download (7184506)
The version of IBM Engineering Requirements Management DOORS Next installed on the remote host is 7.0.2 prior to 7.0.2 ifix 33 or 7.0.3 7.0.3 ifix 11 or 7.1.0 7.1.0 ifix 02. It is, therefore, affected by a reflected file download vulnerability as referenced in the 7184506 advisory. - IBM Engineerin...
Linux Distros Unpatched Vulnerability : CVE-2024-42080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/restrack: Fix potential invalid address access. struct rdma_restrack_entry's kern_name was set to KBUILD_MODNAME in ib_create_cq(), while if the module exited but...